Book Image

Lighttpd

By : Andre Bogus
Book Image

Lighttpd

By: Andre Bogus

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Lighttpd
Andre Bogus
Oct, 2008 | 240 pages
No titles found
Table of Contents (20 chapters)
Lighttpd
Lighttpd
Credits
Credits
About the Author
About the Author
About the Reviewer
About the Reviewer
Preface
Preface
Free Chapter
1
Introduction to Lighttpd
Introduction to Lighttpd
Installing Lighttpd
Building Lighttpd using Autotools
Building Lighttpd using CMake
Summary
2
Configuring and Running Lighttpd
Configuring and Running Lighttpd
Starting Lighttpd by Hand
Other Core Options
Mime Types
Selectors
Rewriting and Redirecting Requests
Including Variables, Files, and Shell-code
Summary
3
More Virtual Hosting and CGI
More Virtual Hosting and CGI
Extended Virtual Hosting
MySQL based Virtual Hosting
Going Dynamic
CGI with mod_cgi
FastCGI
SCGI
mod_proxy_core and backends
Summary
4
Downloads and Streams
Downloads and Streams
Core Settings
Traffic Shaping
Showing Directory Contents
Securing Downloads
Streaming Content
Putting it All Together
Summary
5
Big Brother Lighttpd
Big Brother Lighttpd
Privacy
O Browser, Where Art Thou?
Access Logging
Tracking Users
Other Data Points
Summary
6
Encryption: SSL
Encryption: SSL
Self-Signed Keys
Being our own Certificate Authority
Obtaining a Key Pair from a Third-Party Supplier
Configuring Lighttpd to use SSL
Summary
7
Securing Lighttpd
Securing Lighttpd
Barriers to Entry
Evading Denial of Service Attacks
Know Your Foe
Summary
8
Containing Lighttpd
Containing Lighttpd
Giving up Privileges
Changing Root
Separating the Backend
Summary
9
Optimizing Lighttpd
Optimizing Lighttpd
Installing http_load
Specific Optimizations
Profiling with gprof
Summary
10
Migration from Apache
Migration from Apache
Adding Lighttpd to the Mix
Excursion: mod_proxy
Reducing Apache Load
mod_perl, mod_php, and mod_python
.htaccess
Rewriting Rules
WebDAV
Summary
11
CGI Revisited
CGI Revisited
Ruby on Rails
WordPress
phpMyAdmin
MediaWiki
Trac
AWStats
AjaxTerm
Summary
12
Using Lua with Lighttpd
Using Lua with Lighttpd
Lua: A small Primer
Useful Lua Libraries
Lua/FastCGI
Running mod_magnet
Example: A Shoutbox
Summary
13
Writing Lighttpd Modules
Writing Lighttpd Modules
Handling Configuration
Rewriting the Request
Manipulating the Response
Summary
HTTP Status Codes
HTTP Status Codes
Module/Configuration Index
Module/Configuration Index
Internal
mod_access
mod_accesslog
mod_alias
mod_auth
mod_cgi
mod_cml
mod_chunked
mod_compress
mod_deflate
mod_dirlisting
mod_evasive
mod_evhost
mod_expire
mod_fastcgi
mod_flv_streaming
mod_indexfile
mod_magnet
mod_proxy
mod_proxy_core
mod_redirect
mod_rewrite
mod_rrdtool
mod_scgi
mod_secure_download
mod_setenv
mod_simple_vhost
mod_sql_vhost_core, mod_mysql_vhost
mod_ssi
mod_staticfile
mod_status
mod_trigger_b4_dl
mod_uploadprogress
mod_userdir
mod_usertrack
mod_webdav

Securing Downloads

The two modules that Lighttpd offers require that a user must first get permissions to download, and have to do so within a specified window of time after which the permission times out. The difference is in the way of getting permission: mod_trigger_b4_dl just defines a trigger URL that a user must visit before the download is permitted, while mod_secdownload validates against a token to be created by a backend application (for example, our login for paying customers). Therefore, we can use mod_trigger_b4_dl to fight deep linking and mod_secdownload to differentiate between user groups.

First, let us start with mod_trigger_b4_dl. Let us presume that we want everyone to view (well, we cannot really control that, but at least download) a certain advertisement, for example, an image at the path /ads/342hgf.gif, before they can access any of our high-quality content within the next 10 seconds. We can get this to work with the following configuration:

server.modules += ("mod_trigger_b4_dl...
Previous Section
End of Section 5
Next Section